Microsoft Warns of Attack Via Unpatched Excel Flaw

In a blog post put up this evening (ignore the time stamp; Microsoft's blog is set to GMT), Microsoft had this to say about the flaw: "In order for this attack to be carried out, a user must first open a malicious Excel document that is sent as an e-mail attachment or otherwise provided to them by an attacker. (Note that opening it out of email will prompt you to be careful about opening the attachment.) So remember to be very careful opening unsolicited attachments from both known and unknown sources."

Update, 2:10 p.m. ET, June 16: As one commenter pointed out, the piece of malware from that Symantec post that actually does the exploiting of this unpatched Excel flaw is another bugger described in the advisory, which Symantec is calling Trojan.Mdropper.j

You want the phrase "they'll fare well", not "fair well". This is the same word used to form the traditional parting salutation "farewell" and means "to journey". It is completely distinct from it's homonym "fair" as in even-handed. If there's any confusion, just say "do" instead.

We users continue to pay for the "power" of MS applications. Seems like every app has to be a "platform" with direct access to the OS. Unfortunately Google and other web companies are trying to become platforms as well, which means security problems like the recent Yahoo mail worm will only become more prevalent. Why can't these companies live by the words that have guided Spiderman so well: with great power comes great responsibility. Think of your users before you try to make that app a platform.